Privacy policy
This privacy statement covers liverpoolcityregion-ca.gov.uk and any other websites that include ‘liverpoolcityregion-ca.gov.uk’ in the address.
When you use these websites you are agreeing to this statement, and any additional statements on individual pages within the sites.
We may change this information without notice, so you should revisit this page and any other relevant pages from time to time.
Respecting your privacy
We respect your privacy. Information you provide, or that is gathered automatically, helps us monitor our service and provide the services you are entitled to as a visitor to our website.
We treat incoming emails and forms in the same way as other communications we receive.
Emails sent through the internet may not be secure. They could be intercepted and read by someone else. Please consider this before you send personal or sensitive information by email.
We aim to have a secure and reliable website, and use appropriate security technology to protect any personal data we may process about you. But your use of the internet, and this website, is entirely at your own risk. We have no responsibility or liability for the security of personal information transmitted over the internet.
Other organisations
We don’t make your personal details available to other companies for marketing purposes.
If requested we may share information with law-enforcement or government authorities, for a criminal investigation.
Any information you provide to the Careers Hub is held and processed by Liverpool City Region Combined Authority on behalf of The Careers and Enterprise Company. Enterprise Advisor (EA) details for the Careers Hub will also be shared with designated schools/colleges to facilitate a working relationship. We may also notify employers of individuals participation as an EA and we may also share personal details with other schools and relevant providers in order to expand the network and to facilitate an introduction between EAs and a school or provider where it is appropriate and relevant. Further information on the data the Careers & Enterprise Company holds can be found at their Privacy Policy here.
Cookies
Cookies are files which can be stored on your computer when you visit a website, they cannot be used to identify you personally.
These pieces of information are used to improve services for you through, for example:
Enabling a service to recognise your device so you don’t have to give the same information several times during one task
Measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast
Analysing data to help us understand how you use online government services so we can improve them
How to restrict or block cookies
You can restrict or block cookies through your browser settings. The Help function within your browser should tell you how. You can find more detailed information about cookies and how to restrict or block them and how to delete them from your computer on the About Cookies website.
For information on how to do this on the browser of your mobile phone you will need to refer to your handset manual.
How we use cookies to collect statistics
To improve our service, we collect anonymous web statistics.
They store several cookies on users’ computers or mobile devices to tell us how many people have visited each web page, how they got there, and where they navigated to from there. The data collected is completely anonymous and does not store any personal details.
Changing your cookie settings
You can change your computer settings at any time to accept all cookies, to notify you when a cookie is issued, or not to receive cookies. How you do this depends on your web browser.
Find out more at www.aboutcookies.org
Data Gathering
Data gathered is done so from the following section of the Be More service (https://lcrbemore.co.uk):
User Registration Form
Newsletter subscription
Data Protection
Data is saved and retained securely and can only be accessed by authorised personnel using systems that are accessed and protected by two-factor authentication. Personnel authorised to use the system are subject to regular and mandatory data protection training which is subject to periodic review in order to preserve their access to the system.
Links with other websites
Our site contains links to and from other websites. The Liverpool City Region Combined Authority (LCRCA) does not necessarily endorse or support the organisations that are linked to or from our website. We cannot guarantee that links will work all of the time, and we have no control over the availability of the linked pages on other websites.
Please be aware that other websites may deal with privacy differently from LCRCA and we can take no responsibility for the privacy practices or the content of any linked websites. If you decide to access websites linked to ours, you do so at your own risk.
We welcome other websites to link to the information that is hosted on these pages. You do not have to ask permission to link but we can provide wording and linking graphics.
Virus and malware protection
We make every effort to check and test the material on our site for malicious software or ‘malware’. However, LCRCA cannot accept any responsibility or liability for any loss, disruption or damage to your computer system or information contained on it, which may occur as a result of using material from our site. It is always advisable to run an anti-virus program on any material downloaded from the internet.
If an email infected with malicious software is sent to us, it will be deleted automatically before it reaches our email system. Please be aware that if you have unintentionally sent us an email infected with malicious software, it will not reach us. If you don’t receive acknowledgement of your email within 10 working days, please contact us using the online enquiry form.
Fair Processing Notice
Identity and contact details of the controller and where applicable, the controller’s representative) and the data protection officer
The Liverpool City Region Combined Authority (‘the CA’) is the ‘controller’ for your personal information. This means that we decide the purpose and means of how your data is used as part of our apprenticeship work.
If you have any questions about how your information is being used you can contact Merseytravel’s Data Protection Officer at
DPO@merseytravel.gov.uk
0151 330 1679
1 Mann Island, Liverpool, L69 3HN
Purpose of the processing and the legal basis for the processing
Halton Borough Council is the Data Processor. The information that is collected is used in accordance with the Data Protection Act / General Data Protection Regulation 2018. It may be shared with constituent bodies of the CA and project funders, for reporting and project performance monitoring / evaluation purposes and used for the setting and monitoring of equality & diversity targets.
Your information is being used by the CA to provide our apprenticeship service, and we are able to do this as part of a task carried out in the exercise of official authority vested in the CA as part of our devolved powers.
In the case of sensitive/special categories of personal data, our legal basis for processing is the substantial public interest based in UK law in the Local Democracy, Economic Development and Construction Act 2009.
Description of the categories of personal data
The categories of information being processed include your
name
email address
date of birth
local authority area
Any recipient or categories of recipients of the personal data
Your information will be shared with partner organisations for the purposes of providing you with apprenticeship opportunities.
Details of transfers to third country and safeguards
Your personal data will be transferred outside the European Economic Area to the USA. We ensure that the security of your personal data is guaranteed by the use of model contractual clauses approved by the Information Commissioner’s Office or the European Commission/as the United States have received an adequacy decision of the protection of personal data from the European Commission.
NB: the following countries have received adequacy decisions
Andorra
Argentina
Canada
Switzerland
Faeroe Islands
Guernsey
Israel
Isle of Man
Jersey
New Zealand
United Stated (EU-US Privacy Shield)
Retention period or criteria used to determine the retention period
Your data will be kept for a period of 3 years from the date of submission. This retention has been determined by the CA’s business need/industry best practice/legal requirement [state relevant law, i.e. Equality Act 2010, Limitation Act 1980]
The existence of each of data subject’s rights
The GDPR provides you with the following rights when it comes to your personal data:
The right to be informed how your personal data is being processed
The right of access to the personal data we hold about you, which includes providing copies of the information to you within one month of a request. We may charge a reasonable fee to provide this information based on our administrative costs of responding (i.e. photocopying, postage, etc.).
The right to rectification of any incorrect or incomplete data we hold about you
The right to erasure, also known as ‘the right to be forgotten’, where
Your information is no longer required for the purpose it was collected
You withdraw your consent
You object to Merseytravel processing your information (and there is no overriding legitimate interest for continuing the processing)
Merseytravel has breached the GDPR when processing your data
There is a legal obligation to delete the data (such as a court order)
The right to restrict processing, which limits what Merseytravel can do with your information
The right to data portability, where any automated processing of your information based on your consent or as part of a contract is made available for your reuse
The right to object to direct marketing or any processing based on the performance of a task in the public interest/exercise of official authority or for the purposes of scientific/historical research and statistics.
Rights in relation to automated decision making and profiling, where a decision made by a computer has a legal or significant effect on you.
The right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint regarding the processing of your personal data to the UK’s supervisory authority, the Information Commissioner, who can be reached using the details below:
The Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire SK9 5AF
0303 123 1113
Terms and conditions
These terms and conditions cover liverpoolcityregion-ca.gov.uk
When you use this website you are agreeing to accept these terms and conditions, and any additional terms on individual pages within the sites.
We may change this information without notice, so you should revisit this page and any other relevant pages from time to time.
Copyright and use of content
Unless expressly stated the copyright and other intellectual property rights (such as design rights, trademarks, patents etc.) in any material provided on this website remains the property of the Liverpool City Region Combined Authority (LCRCA) (or as, the case may be, another rightful owner). LCRCA-owned material on the website, including text and images, may not be printed, copied, reproduced, republished, downloaded, posted, displayed, modified, re-used, broadcast or transmitted in any way, except for the user’s own personal non-commercial use.
All content is available under the Open Government Licence, except where otherwise stated.
Disclaimer and limitation of liability
We have taken all reasonable care to compile information and material on this website, but we are not responsible for any loss, damage or inconvenience caused by any inaccuracy or error.
Liverpool City Region Combined Authority, our suppliers and any third-parties mentioned on the site are not liable for any damages arising from the use of, or inability to use, this site, or any websites linked to this site.
TrueDepth API
The application also makes use of automatically collected information using the device camera and the TrueDepth API. The only use of this information is to track the user’s head and face so that the user can control the app by moving their head. None of the information collected by the TrueDepth API ever leaves the user’s device nor is it persistently stored on the device.
